This is a multi-part message in MIME format.

--===============1426990935==
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0000_01C6B1A1.0DAEFA60"

This is a multi-part message in MIME format.

------=_NextPart_000_0000_01C6B1A1.0DAEFA60
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hi all,

Firstly, I am a newbie in the area of VPN. I have been experiencing problems
in creating a VPN tunnel from work.
I have an inbound NAT to the untrust (outside) interface of my Netscreen 5gt
firewall.

When connecting from the VPN client, the client is initiating with my
untrust interface which is a private address (192.168.0.x).

My first question is, must the VPN be terminated on a public IP? How do I
perform VPN passthrough? I have a NAT statement like this
ip nat source static 192.168.x.x interface dialer(x)

A simple network diagram:

Internet -> Cisco 837 (192.168.x.x /24)--> Untrust (Netscreen 5gt) --->
private network (172.16.x.x /24)

Thanks for your help.


Regards,
Henry Tham



------=_NextPart_000_0000_01C6B1A1.0DAEFA60
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable




charset=3Dus-ascii">
6.5.7036.0">
837 + Netscreen




Hi =
all,



FACE=3D"Arial">Firstly, I am a newbie in the area of VPN. I have been =
experiencing problems
LANG=3D"en-us"> in LANG=3D"en-us"> FACE=3D"Arial">creating a VPN tunnel from work.



I =
have an inbound NAT to the untrust
LANG=3D"en-us"> FACE=3D"Arial"> LANG=3D"en-us"> (outside) interface of =
my
SIZE=3D2 FACE=3D"Arial">N LANG=3D"en-us">etscreen 5gt =
firewall.



When =
connecting from the VPN client, the client is initiating with my untrust =
interface which is a private address (192.168.0.x).



My =
first question is, must the VPN be terminate
LANG=3D"en-us"> FACE=3D"Arial">d LANG=3D"en-us"> on a public =
IP?
SIZE=3D2 FACE=3D"Arial"> How do I LANG=3D"en-us"> FACE=3D"Arial">perform LANG=3D"en-us"> VPN passthrough? I have a =
NAT statement like this



ip =
nat source static
LANG=3D"en-us"> FACE=3D"Arial">192.168.x.x interface dialer(x) LANG=3D"en-us">



A =
simple network diagram:



FACE=3D"Arial">Internet -> Cisco 837 LANG=3D"en-us"> FACE=3D"Arial">(192.168.x.x /24) LANG=3D"en-us"> FACE=3D"Wingdings" SIZE=3D2>à LANG=3D"en-us"> FACE=3D"Arial"> LANG=3D"en-us"> FACE=3D"Arial">U LANG=3D"en-us"> FACE=3D"Arial">ntrust LANG=3D"en-us"> FACE=3D"Arial"> LANG=3D"en-us"> FACE=3D"Arial">( LANG=3D"en-us"> FACE=3D"Arial">N LANG=3D"en-us"> FACE=3D"Arial">etscreen 5gt) - LANG=3D"en-us"> FACE=3D"Wingdings" SIZE=3D2>à LANG=3D"en-us"> FACE=3D"Arial"> private network (172.16.x.x /24) LANG=3D"en-us">



FACE=3D"Arial">Thanks for your help.





LANG=3D"en-au"> FACE=3D"Arial">Regards, LANG=3D"en-us">



Henry =
Tham
LANG=3D"en-au">



FACE=3D"Arial"> 







------=_NextPart_000_0000_01C6B1A1.0DAEFA60--


--===============1426990935==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
VPN mailing list
VPN@lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
--===============1426990935==--